All data is encrypted, including Entry names, Category definitions and the data itself. Even the choice of Favorite Category is encrypted.

Encrypts data using AES and Blowfish algorithms with key sizes of 256, 192 and 128 bits.

When the data file is decrypted, up to all combinations of algorithm, key size and cipher mode of operation (CBC, CFB, OFB and ECB) are tried with the Master password to unlock the data file. This was inspired by TrueCrypt and makes brute force attacks longer. The app itself does not store any hint to the actual cipher, key size or cipher mode of operation.

The key to open the data file is created by combining your master password with the 512-bit 'salt'. The result is hashed 1000 times by SHA-256. Repetitive hashing makes a brute force attack more difficult.

Supports auto destruction of the data file after a predefined number of unsuccessful unlocks have been tried.

Not applies to the Cloud version: Unlike other similar Android apps aWallet has no internet access permission (forever). The only permissions this app has is to access to the USB device to backup/restore the data file in case you lose your phone. USB device access is also needed to export to CSV file format. Permission is also granted to the Google Play billing service to allow for the optional purchase of the aWallet Pro features.